Using AWS

Note

BOSH supports Multi-CPI since version v261+.

In this guide we explore how to configure BOSH to deploy VMs from a single deployment across two different regions in two separate AWS Accounts. Communication between regions will be configured via VPC Peering or through a VPN using IPSec.

For simplicity reasons we're going to allow all internal traffic between two VPCs, however this can be configured as desired by the operator.

Let's start by initializing main AZ (z1) to US East (N. Virginia) by following steps 1 and 2 from Creating environment on AWS. This will give you a working BOSH Director in a single region. You can perform a deployment to test Director is working fine.

To connect VPCs in the same region you have to create a VPC Peering Connection between each region. In our case, we have two VPCs so only one connection is required.

Create new VPC Peering Connection as shown in the image:

From the Accepter VPC Account go into the console and click Accept Request. After accepting the request it will recommend you to edit the route tables from each VPC to allow traffic between them through the peering connection.

Modify VPC Route Table in each VPC and add other VPC's CIDR block with the VPC Peering Connection as the target.

For z1:

For z2:

Note

If you want IPv6 traffic to be routed you also need to add the corresponding IPv6 CIDR blocks.

Create following files ~/workspace/multi-cpi-vpn/creds-az1.yml and ~/workspace/multi-cpi-vpn/creds-az2.yml with the following properties. You should have all this information from the above Set up the IaaS step.